Like many of us in the security community, I (Fyodor) was shocked last
week by John Cartwright's abrupt termination of the Full Disclosure list
which he and Len Rose created way back in July 2002. It was a great
12-year run, with more than 91,500 posts during John's tenure. During that
time he fought off numerous trolls, DoS attacks, spammers, and legal
threats from angry...

Even assuming the cyber domain has yet to stop evolving, it is not clear a
classic strategic treatment of cyber war is possible, or, if it were, it
would be particularly beneficial. The salutary effects of such classics
are limited, the...

Info sec industry still struggles to attract women (Network World): CSO - Even as women have made dramatic advances in medicine, law, and other fields, the proportion of women pursuing undergraduate degrees in the computer sciences has actually been dropping, from around 30 percent in 1990 to 18 percent in 2010, ...

The terms "Internet of Things" (IoT) and "connected home" are two of the trendiest buzzwords in the technology world today. And while both clearly offer very real potential, they also introduce their own share of risk, particularly if they're not approached with caution, according to Jerry Irvine, an owner and CIO of IT outsourcing services firm, Prescient Solutions.

Using 3D laser lithography, a team of German scientists have created micro-truss and -shell structures from ceramic polymer composites that exceed the strength-to-weight ratio of all engineering materials, with a density below 1,000 kg/m³.

U.S. President Barack Obama's administration should reverse its decision to suspend the passport of U.S. National Security Agency leaker Edward Snowden and end its efforts to prosecute him as policymakers push to change the programs he exposed, a group of activists said.

Open Compute Project Foundation leader Frank Frankovsky, who founded the project with colleagues at Facebook to help foster scalable data centers in large enterprises, has left the social-networking company for an optical storage startup.

Despite growing disagreement between the United States and Russia over the latter's actions in Ukraine, a NASA astronaut and two cosmonauts are slated to fly tonight to the International Space Station on a Russian Soyuz spacecraft.

HTC announced its One M8 smartphone on Tuesday, boasting its premium styling and asserting that it offers the world's best innovations. Those include a dual rear camera for adding depth to photos and a battery with 40% longer life than last year's HTC One M7.

Info sec industry still struggles to attract women (PC Advisor): According to latest research, such as the 2013 (ISC)2 Global Information Security Workforce Study, only 11 percent of infosec professionals are female. There are a number of barriers preventing women from entering or staying in the field, but both ...

It has been over a month since we saw the "Moon" worm first exploiting various Linksys routers [1]. I think it is time for a quick update to summarize some of the things we learned since then:

Much of what we found so far comes thanks to the malware analysis done by Bernardo Rodrigues [2]. Bernardo used QEMU to run the code in a virtual environment. QEMU is, as far as I know, the only widely available virtualization technique that can simulate a MIPS CPU while running on an x86 host. So far, most of what I have been doing relied on telnetting to an infected router. With QEMU, Bernardo got additional insight into what happened with the worm. In particular, it is now easy to dump physical memory. The worm ran on OpenWRT. I am not sure if it would be possible to install the stock Linksys firmware in QEMU. Something on my list of things to try out. I think for future reverse analysis, this would provide a more realistic target.

Infected systems will run an additional HTTPS server on a random port. The communication we observed in earlier posts is just HTTPS, using a self-signed certificate. The server also provides statistics pages with summaries listing infected systems. For a screenshot, see https://twitter.com/daavidhentunen/status/441551682443300866/photo/1 .

At this point, I do still see regular hits from infected routers to my honeypot. They appear to have slowed down a bit, but I still get a number of scans a day.

Info sec industry still struggles to attract women (CSO Magazine): According to latest research, such as the 2013 (ISC)2 Global Information Security Workforce Study, only 11 percent of infosec professionals are female. There are a number of barriers preventing women from entering or staying in the field, but both ...

LinuxSecurity.com: Updated net-snmp packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate ...

LinuxSecurity.com: Updated net-snmp packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate ...

Adobe Systems is stepping up its mobile efforts by integrating the company's Marketing Cloud with Apple's iBeacons and simplifying advertising in apps, while also partnering with SAP to help sell it using Hana.

Boston-based restaurant chain b.good started its customer loyalty program with email 12 years ago because, well, it couldn't afford much else. As the chain has grown, so has its rewards program, which now has 53,000 'Family' members using keycards and smartphone apps to connect with b.good.

Healthcare providers such as hospitals, medical offices and clinics face an unsettling reality, according to a recent Forrester report: Embrace the cloud, big data, mobile and other emerging technology or get acquired by a healthcare organization that's successfully been there and done that.

Cisco Systems' "Intercloud" platform for interoperable cloud services could be combined with remote-computing technology to define the so-called Internet of Things from the weather-ravaged, intermittently connected edge to regional and global data centers.

Self-publishing has become an increasingly important industry for both individual authors and businesses who want to put out their own books. But how do you begin? Here are some tips for self-starters.